---
- name: update all
  command: yum -y update creates=/etc/sysconfig/global-update-applied
  register: updated
  tags:
  - packages

- name: write out global-update-applied file if we updated
  copy: content="updated" dest=/etc/sysconfig/global-update-applied 
  when: updated is defined
  tags:
  - packages
  
- name: ntp pkgs
  action: yum state=installed pkg=$item
  with_items:
  - ntpdate
  - ntp
  tags:
  - packages

- name: put step-tickers in place
  action: copy src=$files/common/step-tickers dest=/etc/ntp/step-tickers

- name: enable the service
  action: service name=ntpd state=running enabled=true

- name: edit hostname to be instance name - prefix hostbase var if it exists
  action: shell hostname  ${hostbase}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
  tags:
  - config

- name: add ansible root key 
  action: authorized_key user=root key="{{ item }}"
  with_file:
  - ${files}/common/ansible-pub-key
  tags:
  - config
  
- name: add root keys for sysadmin-main and other allowed users
  action: authorized_key user=root key="{{ item }}"
  with_pipe:
  - "${auth_keys_from_fas} @sysadmin-main ${root_auth_users}"
  tags:
  - config
  ignore_errors: true

# note - kinda should be a handler - but handlers need args
- name: restorecon
  action: command restorecon -R /root/.ssh
  tags:
  - config

